dynamic updates & TSIG?
Igmar Palsenberg
maillist at chello.nl
Wed Aug 30 15:33:35 UTC 2000
On Wed, 30 Aug 2000, Jesus Couto wrote:
>
>
> Hi,
>
> I'm testing dynamic updates with TSIG authentication, and found
> out that I can still do updates without using the secret. nsupdate doesnt
> work if I use a bad secret, but updates are accepted if I dont specify a
> key file, and doing the updates via perl works too.
>
> The relevant part of the named.conf:
>
> key "ddns" {
> algorithm hmac-md5;
> secret "B0hE+oyhXgDd9UN2OjDzO7AFZ4LExInmykSDKgYvl1Jni6yQAxEBmq23c43ziemhq0ZV/9LVPccEOT+xCVz4Lw==";
> };
Specifying the secret here is a stupid thing to do..
I had some trouwbles with it also.. Can't check what I did, because it
isn't my machine.
Igmar
More information about the bind-users
mailing list